Web 应用程序的 SSL 证书
我希望为我的 Web 应用程序使用 SSL 证书.任何人都可以指出我如何将其包含在 Web 应用程序中?通过 web.xml 文件?我找到了很多 IIS 示例,但我将使用 tomcat 和 apache.
Im looking to use an SSL certificate for my web application. Can anyone give pointers as to how i include this in the web application? via the web.xml file? I have found lots of examples for IIS but i will be using tomcat and apache.
我猜这个过程包括购买证书,然后将 Web 应用程序与证书相关联?对吗?
I guess the process includes purchasing a certificate and then assocating the web app with the certificate? Is that correct?
我猜这个过程包括购买证书和
I guess the process includes purchasing a certificate and
您不必购买任何东西.您可以使用 java 的 keytool、OpenSSL 或 Bouncy Castle 来创建自签名证书.但要使其正常工作,您必须将 Web 客户端配置为使用自定义信任库或在 Java 的默认信任库中导入证书
You do not have to buy anything. You can use java's keytool, OpenSSL or Bouncy Castle to create a self-signed certificate. But for this to work you must configure your web clients to use a custom truststore or import the certificate in java's default truststore
将 Web 应用程序与证书
assocating the web app with the certificate
没有.进行身份验证并发送证书的是服务器,而不是 Web 应用程序.
No. It is the server that is authenticated and sends the certificate and not the web application.
will be using tomcat and apache.
您必须转到 server.xml 并取消对 SSL 连接器的注释.
您必须在那里定义密钥库和密码.如果您想要相互身份验证,信任库也是如此.例如
You have to go to server.xml and uncomment the connector for SSL.
There you must define the keystore and the password. If you want mutual authentication the truststore as well. E.g.
<Connector protocol="org.apache.coyote.http11.Http11Protocol" clientAuth="false"
port="8443" keystoreFile="/conf/serverKeys.p12"
keystoreType="PKCS12" keystorePass="123456" etc
/>
您可以查看 Tomcat 的指南:Tomcat SSL how-to
You can check Tomcat's guide: Tomcat SSL how-to